Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4d4df828-87d0-400e-bee0-4cd343ba4776.roa
File:                     4d4df828-87d0-400e-bee0-4cd343ba4776.roa (raw, json)
Hash identifier:          B6ereJZC4PwPkiYAGAaFvh1FyTxPJatH2c3q/DhPtz4=
Subject key identifier:   9B:3C:D4:74:03:70:B6:E2:57:75:19:E0:F9:69:74:A8:D6:1F:5B:38
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0895AB53D302BF5BFC8C955AEBAA54A347B10B16
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4d4df828-87d0-400e-bee0-4cd343ba4776.roa
Signing time:             Tue 22 Jul 2025 00:51:55 +0000
ROA not before:           Tue 22 Jul 2025 00:51:55 +0000
ROA not after:            Tue 26 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        50.18.64.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 24 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:95:ab:53:d3:02:bf:5b:fc:8c:95:5a:eb:aa:54:a3:47:b1:0b:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 22 00:51:55 2025 GMT
            Not After : Aug 26 23:59:59 2025 GMT
        Subject: serialNumber=0747d79a74af4b9d63bfdd968a4b7459d560d748828012091e671a9977206e9b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:ef:49:56:6b:bd:6a:09:9d:3a:ee:d9:48:c0:
                    c8:42:34:6e:64:7f:c0:78:fd:89:a0:ce:89:3a:c0:
                    f6:23:26:53:68:ff:d0:7e:09:ce:43:98:d9:0d:05:
                    59:54:e7:34:b5:36:32:2a:2e:28:a3:5c:ee:e3:c6:
                    75:93:59:64:a6:2b:e0:b7:ef:e4:4c:d5:f1:bb:ff:
                    1d:2e:d1:4c:87:01:68:1d:79:1f:1d:55:f9:5e:f0:
                    53:92:08:8f:48:90:3e:19:4d:41:ff:d6:89:4e:1b:
                    db:d8:39:82:dc:d5:74:e3:aa:ae:35:e0:0e:cb:e0:
                    67:90:33:ee:85:6a:91:22:bf:c5:b8:17:d9:52:c2:
                    dd:5e:d4:ee:3e:0e:b9:ae:19:44:40:43:93:d2:c5:
                    49:05:74:93:6c:d1:44:44:68:74:d0:f2:35:91:a7:
                    0a:a7:7e:62:22:95:44:87:14:4c:ed:26:3b:15:84:
                    83:e4:ab:29:ff:d7:58:39:24:15:14:c9:bd:64:b8:
                    fd:59:94:dc:3c:6d:87:b8:cb:11:71:46:4e:f6:c0:
                    36:35:38:89:fc:d9:e8:22:c4:db:e0:35:07:13:72:
                    e1:ff:bd:c9:83:0f:01:b2:85:72:bf:9d:57:44:09:
                    b3:47:b1:cb:c7:d1:26:ab:cc:40:6b:92:4f:3f:24:
                    12:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:3C:D4:74:03:70:B6:E2:57:75:19:E0:F9:69:74:A8:D6:1F:5B:38
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4d4df828-87d0-400e-bee0-4cd343ba4776.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  50.18.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         02:9b:1b:bc:95:57:d9:16:74:e3:95:7d:0d:22:e5:15:e1:6d:
         37:3f:f3:68:49:08:21:08:41:69:aa:b4:21:1d:1f:1e:20:53:
         6e:bd:f2:7f:d4:2a:49:bb:7e:7a:9f:37:86:f0:f1:45:f3:28:
         8c:ae:d4:fa:28:ac:3c:4c:f1:e4:23:93:a9:1f:b5:c6:c1:9d:
         bd:b5:c7:32:2a:b1:ea:9f:d4:22:75:5d:77:1f:37:9c:dc:d8:
         1f:f2:98:69:f1:c2:3b:03:f8:2f:39:85:bf:1c:6a:d8:ba:88:
         2d:e0:56:a5:fb:1b:87:94:05:9b:11:b5:69:85:75:27:6a:5b:
         7e:a7:b8:ad:cf:54:01:38:4d:2f:fc:38:49:b7:31:91:42:35:
         df:47:3b:e0:e1:64:42:b6:b1:cc:dd:63:f6:b9:0a:87:c8:e7:
         25:f2:6e:b1:39:53:51:22:7c:c3:f8:a4:b0:9d:d9:98:61:b0:
         34:74:2e:46:56:2e:77:3d:31:d6:e5:f4:e6:06:bd:92:78:cc:
         26:02:0a:56:b2:fc:91:b5:33:4e:17:65:c7:0c:2e:a3:60:47:
         24:aa:26:e4:a1:6b:b0:c8:f6:17:b5:a4:95:68:f8:a2:f4:a7:
         bd:a2:79:39:e6:f6:06:25:d6:ae:dc:7a:2a:db:e8:16:b2:3e:
         40:94:f9:d7
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCJWrU9MCv1v8jJVa66pUo0exCxYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzIyMDA1MTU1WhcNMjUwODI2MjM1OTU5
WjB6MUkwRwYDVQQFE0AwNzQ3ZDc5YTc0YWY0YjlkNjNiZmRkOTY4YTRiNzQ1OWQ1
NjBkNzQ4ODI4MDEyMDkxZTY3MWE5OTc3MjA2ZTliMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCN70lWa71qCZ067tlIwMhCNG5kf8B4/Ymgzok6wPYjJlNo
/9B+Cc5DmNkNBVlU5zS1NjIqLiijXO7jxnWTWWSmK+C37+RM1fG7/x0u0UyHAWgd
eR8dVfle8FOSCI9IkD4ZTUH/1olOG9vYOYLc1XTjqq414A7L4GeQM+6FapEiv8W4
F9lSwt1e1O4+DrmuGURAQ5PSxUkFdJNs0UREaHTQ8jWRpwqnfmIilUSHFEztJjsV
hIPkqyn/11g5JBUUyb1kuP1ZlNw8bYe4yxFxRk72wDY1OIn82egixNvgNQcTcuH/
vcmDDwGyhXK/nVdECbNHscvH0SarzEBrkk8/JBJHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUmzzUdANwtuJXdRng+Wl0qNYfWzgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRkNGRmODI4LTg3ZDAtNDAwZS1iZWUwLTRjZDM0M2JhNDc3Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAYyEkAwDQYJKoZIhvcNAQELBQADggEBAAKbG7yVV9kWdOOVfQ0i5RXhbTc/
82hJCCEIQWmqtCEdHx4gU2698n/UKkm7fnqfN4bw8UXzKIyu1PoorDxM8eQjk6kf
tcbBnb21xzIqseqf1CJ1XXcfN5zc2B/ymGnxwjsD+C85hb8cati6iC3gVqX7G4eU
BZsRtWmFdSdqW36nuK3PVAE4TS/8OEm3MZFCNd9HO+DhZEK2sczdY/a5CofI5yXy
brE5U1EifMP4pLCd2ZhhsDR0LkZWLnc9Mdbl9OYGvZJ4zCYCClay/JG1M04XZccM
LqNgRySqJuSha7DI9he1pJVo+KL0p72ieTnm9gYl1q7ceirb6BayPkCU+dc=
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:10:17 2025 by rpki-client